def convert_to_ssl(self, cert, key, **sslctx_kwargs):
    """
    Upgrade the current connection to TLS, taking the server (accepting) role.

    The server context is built by tls.create_server_context(...); any extra
    keyword arguments are forwarded to it unchanged, so see that function for
    the accepted parameters.

    Args:
        cert: Certificate passed to tls.create_server_context.
        key: Private key passed to tls.create_server_context.
        **sslctx_kwargs: Forwarded verbatim to tls.create_server_context.

    Raises:
        exceptions.TlsException: If the handshake raises SSL.Error. Note that
            self.connection has already been replaced by the SSL wrapper at
            that point, while ssl_established has not been set.
    """
    server_ctx = tls.create_server_context(cert=cert, key=key, **sslctx_kwargs)
    self.connection = SSL.Connection(server_ctx, self.connection)
    self.connection.set_accept_state()
    try:
        self.connection.do_handshake()
    except SSL.Error as err:
        # The repr of the underlying SSL error is embedded in the message.
        raise exceptions.TlsException("SSL handshake error: %s" % repr(err))
    else:
        self.ssl_established = True
    # A client certificate is optional: clientcert is only assigned when the
    # peer presented one.
    # NOTE(review): a certificate being present does not by itself show that
    # it was validated; that depends on the verification settings of the
    # context, which are not visible here -- confirm before trusting it.
    peer_cert = self.connection.get_peer_certificate()
    if peer_cert:
        self.clientcert = certs.SSLCert(peer_cert)
    # Point both file wrappers at the TLS connection.
    for stream in (self.rfile, self.wfile):
        stream.set_descriptor(self.connection)
def convert_to_ssl(self, cert, key, **sslctx_kwargs):
    """
    Switch this connection to TLS and run the server-side handshake.

    Parameters other than cert and key are handed through to
    tls.create_server_context(...); consult it for the full list.

    Args:
        cert: Certificate given to tls.create_server_context.
        key: Private key given to tls.create_server_context.
        **sslctx_kwargs: Extra options for tls.create_server_context.

    Raises:
        exceptions.TlsException: When do_handshake() raises SSL.Error. The
            wrapped SSL connection is already stored in self.connection when
            this happens, and ssl_established is left as it was.
    """
    tls_context = tls.create_server_context(
        cert=cert,
        key=key,
        **sslctx_kwargs
    )
    # Wrap the existing connection object and mark it as the accepting side.
    self.connection = SSL.Connection(tls_context, self.connection)
    self.connection.set_accept_state()

    try:
        self.connection.do_handshake()
    except SSL.Error as handshake_error:
        raise exceptions.TlsException(
            "SSL handshake error: %s" % repr(handshake_error)
        )
    else:
        self.ssl_established = True

    # clientcert is set only if the peer sent a certificate.
    # NOTE(review): whether that certificate was verified depends on how the
    # context was configured, which this block does not show -- confirm.
    presented = self.connection.get_peer_certificate()
    if presented:
        self.clientcert = certs.SSLCert(presented)

    # Route subsequent reads and writes through the TLS connection.
    self.rfile.set_descriptor(self.connection)
    self.wfile.set_descriptor(self.connection)
def create_client_proxy_ssl_conn(self, tls_start: tls.TlsStartData) -> None:
    """
    Build the server-role TLS connection object and store it on tls_start.

    The resulting SSL.Connection is assigned to tls_start.ssl_conn, tagged
    with AppData and put into accept state. No handshake is performed here.

    Args:
        tls_start: Carries the connection context that is read and receives
            the new connection in its ssl_conn attribute.
    """
    # The ssl_version_client option selects a (method, options) pair.
    method, method_options = net_tls.VERSION_CHOICES[
        ctx.options.ssl_version_client
    ]
    conn_context = tls_start.context
    cert, key, chain_file = self.get_cert(conn_context)
    upstream_server = conn_context.server

    # An unset or empty ciphers_client option falls back to the module default.
    ciphers = ctx.options.ciphers_client or DEFAULT_CLIENT_CIPHERS

    # extra_chain_certs is the certificate_list of the context's server side.
    # NOTE(review): how create_server_context uses it is not visible here.
    server_ssl_ctx = net_tls.create_server_context(
        cert=cert,
        key=key,
        method=method,
        options=method_options,
        cipher_list=ciphers,
        dhparams=self.certstore.dhparams,
        chain_file=chain_file,
        alpn_select_callback=alpn_select_callback,
        extra_chain_certs=upstream_server.certificate_list,
    )

    connection = SSL.Connection(server_ssl_ctx)
    tls_start.ssl_conn = connection

    # Attach per-connection data: the server's ALPN value and the http2 option.
    # NOTE(review): presumably read back by alpn_select_callback -- confirm.
    app_data = AppData(
        server_alpn=upstream_server.alpn,
        http2=ctx.options.http2,
    )
    connection.set_app_data(app_data)
    connection.set_accept_state()